Our security roundup series covers the week’s trending topics in the world of InfoSec. In this quick-read compilation, we’ll bring you the latest news and controversies that the industry has been talking about.

Here’s what you don’t want to miss from the week of August 31st, 2015:

On the one-year anniversary of ‘The Fappening,’ an incident in which hundreds of explicit images of some of Hollywood’s best-known female celebrities, including Jennifer Lawrence and Jennifer Upton, were leaked online, investigators have yet to identify who is responsible for the hack. According to The Daily Mail, the Federal Bureau of Investigation has in the past year searched several addresses and seized some electronic equipment, but little is known about those responsible beyond the fact that they allegedly used a tool to launch brute force attacks in order to guess their victims’ login credentials. In total, the hack is believed to have compromised some 500 Apple iCloud accounts.

According to Palo Alto Networks and a group of Chinese iPhone developers named WeipTech, some 225,000 iPhones have been infected by “KeyRaider,” a piece of mobile malware that intercepts users’ iTunes login credentials. This information, in turn, allows attackers to hijack victims’ payment credentials and install paid apps on other iOS devices. As of this writing, individuals who have previously jailbroken their iOS devices are most susceptible to KeyRaider, with the vast majority of victims located in China.

Researchers with IBM Security X-Force have discovered a new banking Trojan they have nicknamed “Shifu,” which is Japanese for “thief.” The malware, which is currently targeting 14 separate banks in Japan, is highly sophisticated in that it incorporates features from other malicious programs, including a domain generation algorithm (DGA) from the Shiz Trojan, string obfuscation and anti-research techniques from Zeus VM, and stealth tactics from the Gozi/ISFB Trojan.

Xen released a patch for a vulnerability that could allow domains given partial management control to deny service to other parts of the system. The problem apparently results from XENMAPSPACE_gmfn_foreign dumping the p2m, on ARM, when it fails to retrieve a reference on the foreign page. The dump_p2m_lookup function does not use rate-limited printk, which could allow a malicious infrastructure domain to flood the Xen console. As The Register notes, sysadmins could reduce the hypervisor log level so that it emits fewer messages. However, patching is recommended.

Brian Krebs reported earlier this week that security firm Dr.Web experimented with ways to expose how antivirus companies might be blindly accepting threat intelligence feeds from rival firms. This story mirrors the allegations of two former Kaspersky Lab employees who claim that their past employer deliberately told the antivirus scanning service VirusTotal.com that 10 benign files were malicious in an attempt to cause problems for rival companies. This campaign is said to have targeted AVG, Avast, and Microsoft, among others.

A security researcher for Check Point’s malware research team has discovered a new variant of the Simplocker Android ransomware that masquerades as a legitimate application on app stores and download pages. The ransomware requests administrative privileges upon installation, which it then uses to encrypt the device’s files. Victims are told that the encryption is the result of NSA activities and that they must pay a fine of $500 USD to recover their files. Check Point believes that the attackers behind this malicious program have collected hundreds of thousands of dollars in ransom payments thus far.